CLAIMS 

We claim: 

1. A network tap that permits an attached device to communicate with a 
node of a network, the node of the network communicating with a network cable 
transmitting network data thereon, the network cable having a first segment and a 
second segment, the network tap comprising: 

a first and second tap port, at least one of which is configured to receive 
a copy of network data obtained from the network cable, wherein the attached 
device can be selectively connected to at least one of the first and second tap 
ports and at least one of the first and second tap ports is configured to receive 
device data fi-om the attached device, the first and second tap ports being 
capable of operating in a plurality of modes, each being defined by enabling or 
disabling the ability of the first and second tap ports to receive network data and 
device data; 

means for inserting device data from the attached device into the 
network cable without disrupting the flow of data therein; and 

means for selecting one of the plurality of modes in which the first and 

O o a: „j i second tap ports may operate. 
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< i § I w 2. The network tap as recited in claim 1, wherein in one mode, the first and 
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3. The network tap as recited in claim 2, wherein in one mode, at least one 
of the first and second tap ports are enabled to receive device data. 
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4. The network tap as recited in claim 2, wherein in one mode, the first and 
second tap ports are both disabled firom receiving device data. 

5. The network tap as recited in claim 1, wherein in one mode, one of the 
first and second tap ports is enabled to receive network data and the other of the first 
and second tap ports is disabled fi:'om receiving network data. 

6. The network tap as recited in claim 5, wherein in one mode, the one of 
the first and second tap ports that is enabled to receive network data is also enabled to 
receive device data. 

7. The network tap as recited in claim 5, wherein in one mode, the one of 
the first and second tap ports that is enabled to receive network data is disabled firom 
receiving device data. 

8. The network tap as recited in claim 5, wherein in one mode, the one of 
the first and second tap ports that is disabled fi-om receiving network data is enabled to 
receive device data. 

9. The network tap as recited in claim 5, wherein in one mode, the one of 
the first and second tap ports that is disabled fi-om receiving network data is also 
disabled fi"om receiving device data. 
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10. The network tap as recited in claim 1, wherein means for inserting 
received device data into the network cable without disrupting the flow of data therein 
comprises an Ethernet switch. 



11. The network tap as recited in claim 1, wherein means for inserting 
received device data into the network cable without disrupting the flow of data therein 
comprises an integrated circuit. 

12. The network tap as recited in claim 11, wherein the integrated circuit 
comprises a field programmable gate array. 

1 3. The network tap as recited in claim 1 , wherein means for selecting one of 
the plurality of modes in which the first and second tap ports may operate comprises: 

a management port configured to selectively connect to a remote 
computer; and 

an integrated circuit configured to receive management data fi-om the 
management port to at least indirectly enable or disable the ability of the first 




the plurality of modes in which the first and second tap ports may operate comprises 



and second tap port to receive at least one of network data and device data. 



14. The network tap as recited in claim 1 , wherein means for selecting one of 



one or more manual switches located on the network tap. 
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15, A network tap that permits an attached device to communicate with a 
node of a network, the node of the network communicating with a network cable 
transmitting network data thereon, the network cable having a first segment and a 
second segment, the network tap comprising: 

a first tap port configured to receive a copy of network data obtained 
from the network cable; 

a second tap port configured to receive a copy of network data obtained 
fi-om the network cable, wherein the attached device can be selectively 
connected to at least one of the first tap port and second tap port, wherein at 
least one of the first tap port and second tap port is configured to receive device 
data fi"om the attached device, and wherein the first tap port and second tap port 
are configured to operate in a plurality of modes, each mode being defined by 
enabling or disabling the ability of the first tap port and second tap port to 
receive network data and device data; 

a routing node that is in communication with the first tap port and second 
tap port, the routing node being configured to pass network data from the 
network cable to at least one of the first tap port and the second tap port and to 
O o i pass device data fi"om at least one of the first tap port and second tap port to the 

y 22 H S H b network cable; and 

:^ i I ^ If S an integrated circuit configured to select the mode in which the first tap 

2 ^ 2 ^ J port and second tap port operate. 

16. The network tap as recited in claim 15, wherein the integrated circuit 
enables both the first tap port and the second tap port to receive network data. 
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17. The network tap as recited in claim 16, wherein the integrated circuit 
enables at least one of the first tap port and second tap port to receive device data. 

1 8. The network tap as recited in claim 1 7, wherein: 

the attached device is an intrusion detection system; and 

the device data comprises a kill packet from the intrusion detection 

system, the routing node being configured for transmitting the kill packet via the 

network cable to a firewall. 



19. The network tap as recited in claim 16, wherein the integrated circuit 
disables both the first tap port and second tap port from receiving device data. 

20. The network tap as recited in claim 15, wherein the integrated circuit 
enables one of the first tap port and second tap port to receive network data, forming a 
combined network data port, and disables the other of the first tap port and second tap 
port from receiving network data, forming a disabled network data port. 

w 

21. The network tap as recited in claim 20, wherein the integrated circuit 

$ 2 § ,i [2 ^ enables the combined network data port to also receive device data. 
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22. The network tap as recited in claim 20, wherein the integrated circuit 
disables the combined network data port from receiving device data. 
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23. The network tap as recited in claim 20, wherein the integrated circuit 
enables the disabled network data port to receive device data. 

24. The network tap as recited in claim 20, wherein the integrated circuit 
disables the disabled network data port from receiving device data. 

25. The network tap as recited in claim 16, further comprising: 

a first multiplexer in communication with the first tap port; and 
a second multiplexer in communication with the second tap port, 
wherein the integrated circuit controls the first multiplexer and second 
multiplexer to select the mode in which the first tap port and second tap port 
operate. 
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26. A network tap that permits an attached device to communicate with a 
node of a network, the node of the network communicating with a network cable 
transmitting network data thereon, the network tap comprising: 

a first network port configured to transmit or receive network data; 
a second network port configured to transmit or receive network data; 
a first tap port configured to receive a copy of at least some of the 
network data; 

a second tap port configured to receive a copy of at least some of the 
network data, wherein an attached device can be selectively connected to at least 
one of the first tap port and second tap port, wherein at least one of the first tap 
port and second tap port is configured to receive device data fi*om the attached 
device, and wherein the first tap port and second tap port are configured to 
operate in a plurality of modes, each mode being defined by enabling or 
disabling the ability of the first tap port and second tap port to receive network 
data and device data; and 

a first switch that is in communication with the first network port and the 
second network port and with the first tap port and second tap port, the switch 
being configured to pass network data between the first network port and the 
second network port and transmit device data fi-om one of the first tap port and 
second tap port to one of the first network port and second network port. 
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27. The network tap of claim 26, further comprising a second switch that is 
in communication with the first network port and the second network port and with the 
first tap port and the second tap port, the switch being configured to combined network 
data fi-om the first network port and second network port and transmit the combined 
network data to one of the first tap port and second tap port. 



28. The network tap of claim 27, fiirther comprising: 

a third tap port configured to receive a copy of at least some of the 
network data; and 

a fourth tap port configured to receive a copy of at least some of the 
network data, wherein the second switch is configured to duplicate the combined 
network data and transmit the combined network data to one of the third tap port 
and fourth tap port. 
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29. The network tap of claim 26, further comprising an integrated circuit 
configured to select the mode in which the first tap port and the second tap port operate. 

30. The network tap of claim 29, wherein the integrated circuit comprises a 



S H w H I Field Programmable Gate Array. 
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l^j 31. The network tap of claim 26, further comprising a management port 



configured to transmit management data to the integrated circuit, the management port 
being configured to be selectively connected to a remote computer. 
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32. The network tap of claim 26, further comprising a first communication 
line from the first network port to the first switch and a second communication line 
from the second network port to the first switch, each of the first communication line 
and the second communication line including: 

a relay for circumventing the first switch in the event of loss of power at 
the network tap; 

a transformer; and 

a fan out buffer that propagates the network data to the switch and 
propagates a copy of the network data to the first tap port and second tap port. 
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33. The network tap of claim 32, further comprising a third communication 
line for transmitting device data from one of the first tap port and second tap port to the 
first switch, the third communication line including: 

a transformer; 

a physical layer device; and 

a multiplexer. 
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